Abstract
The spread of high-speed networks changes the way in which organizations manage information. Distributed environments, such as multi-cloud environments, can be exploited by users belonging to different organizations. Companies are realizing that they can achieve significant cost savings by outsourcing some of their information technology environments to specialized service companies. This rapid transition has introduced a number of security risks and challenges. The resulting environment cannot succeed at addressing them without the use of access control policies and the definition of trust mechanisms. Access control ontologies, as a structured way to represent real word elements, are widely employed for making the security interoperable and understandable. Ontologies that have been built for this aim suffer from the lack of crucial elements for distributed environments. In this paper, we tackle the problem of trust-based access control models. We define a list of trust elements that should be integrated into any access control ontology. We also provide a mapping technique that permits the exchange of trust information. Based on these two contributions, our reputation mechanism, that builds upon the organization-based access control model (OrBAC), is created. To prove the efficiency of our proposal, we test it in a multi-cloud environment. Then, we conduct a set of experiments that show the high accuracy level of our system.
| Original language | English |
|---|---|
| Pages (from-to) | 5295-5310 |
| Number of pages | 16 |
| Journal | Security and Communication Networks |
| Volume | 9 |
| Issue number | 18 |
| DOIs | |
| Publication status | Published - 1 Dec 2016 |
| Externally published | Yes |
Keywords
- OrBAC
- access control
- ontology
- reputation
- trust